Can anyone offer some advice on the best method to upgrade the release version of Apache 2.4.x on a Virtualmin/Ubuntu 16.04 server to the latest 2.4.39 release.
Are there any issues with updating Apache to 2.4.39 on Virtualmin?
With the current Apache advisory https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211 and subsequent release to the public of 2.4.39 on 1st April, it would seem prudent to update.
Me to. Also want to know how we can update to latest security update of Apache.
You just posted in a year old topic.^^
Anyways, if you cant get the package via the “apt update” then it simply means that that apache package isnt in your used repos.
You can add additional repos for that, like sury his repos. He got one for apache2.
I’m just scared if I add other repo I’ll end up breaking apache in webmin.
On Debian and Ubuntu it is generally safe to upgrade Apache as long as the new packages use the same paths and satisfy all the same dependencies.
The custom suexec makes it tricky on CentOS, but Debian/Ubuntu have a configurable suexec, so we use the standard OS Apache version.
However, I do not recommend using other packages. They don’t receive the same testing/vetting as the OS standard packages and are rarely as well-maintained. It is likely a relatively higher security risk to run a third party package. You should have a really damned good reason before using packages from other source.
As @Joe said, in the Debian/Ubuntu case, its safer than with other OS. In general, I never had an issue with using additional repos (as long as you know what you are doing).
Which in general, is a good thing. But sury is actually a good maintainer and not just some random suspicious repo owner.
I never ran into any issues with sury’s repos and so far got updates as fast as needed and could solve a lot of issues with that.
That’s what I thought Joe. Thank you for the response.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.